VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Debian
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-10-27
CVE-2023-34059
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
local
high complexity
vmware
debian
7.0
7.0
2023-10-26
CVE-2023-46234
Improper Verification of Cryptographic Signature vulnerability in multiple products
browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js.
network
low complexity
browserify
debian
CWE-347
7.5
7.5
2023-10-25
CVE-2023-5367
Out-of-bounds Write vulnerability in multiple products
A out-of-bounds write flaw was found in the xorg-x11-server.
local
low complexity
x-org
redhat
fedoraproject
debian
CWE-787
7.8
7.8
2023-10-25
CVE-2023-5380
Use After Free vulnerability in multiple products
A use-after-free flaw was found in the xorg-x11-server.
local
high complexity
x-org
redhat
fedoraproject
debian
CWE-416
4.7
4.7
2023-10-25
CVE-2023-41983
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The issue was addressed with improved memory handling.
network
low complexity
apple
fedoraproject
debian
CWE-119
6.5
6.5
2023-10-25
CVE-2023-42852
A logic issue was addressed with improved checks.
network
low complexity
apple
fedoraproject
debian
8.8
8.8
2023-10-25
CVE-2023-46316
In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.
local
low complexity
buc
debian
5.5
5.5
2023-10-25
CVE-2023-5363
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths.
network
low complexity
openssl
debian
netapp
7.5
7.5
2023-10-25
CVE-2023-5472
Use After Free vulnerability in multiple products
Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google
debian
fedoraproject
CWE-416
8.8
8.8
2023-10-25
CVE-2023-5721
Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay.
network
low complexity
mozilla
debian
CWE-1021
4.3
4.3
«
Previous
1
2
...
10
11
12
(current)
13
14
...
766
767
»
Next